Chapter 6

An auditor's primary consideration regarding an entity's internal controls is whether they

Prevent managment override

Relate to the control environment

Relfect management's philosophy and operating style

Affect the financial statement assertions

2

Which of the following statements about internal control is correct?

A properly maintained internal control system reasonably ensures that collusion among employees cannot occur

The establishment and maintenance of internal control is an important responsibility of the internal auditor

An exceptionally strong internal control system is enough for the auditor to eliminate substantive procedures on a significant account balance

The cost-benefit relationship is a primary criterion that should be considered in designing an internal control system

3

Which of the following is not a component of an entity's internal control system?

Control risk

The entity's risk assessment process

Control activities

Control environment

4

In which of the following situations would an auditor most likely use a reliance strategy?

The client has been slow to update its IT system to reflect changes in billing practices

The auditor hired an IT specialist whose report to the auditor revelas that the specialist did not perform sufficient procedures to allow the auditor to properly assess the effect of the IT system on control risk

A client receives sales orders, bills customers, and receives payment based only on information generated from its IT system-no paper trail is generated

The auditor has been unable to ascertain whether all changes to client's IT system were properly authorized

5

After obtaining an understanding of an entity'ss internal control system, an auditor may set control risk at the maximum level for some assertions because he or she

Believes the internal controls are unlikely to be effective

Determines that the pertinent internal control components are not well documented

Performs tests of controls to restrict detection risk to an acceptable level

Identifies internal controls that are likely to prevent material misstatements

6

Regardless of the assessed level of control risk, an auditory would perform some